VYPR
Medium severity4.2NVD Advisory· Published Mar 18, 2014· Updated Jun 17, 2026

CVE-2014-2532

CVE-2014-2532

Description

sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

8
  • OpenBSD/OpenSSH6 versions
    cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*range: <=6.5
    • cpe:2.3:a:openbsd:openssh:6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:openbsd:openssh:6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:openbsd:openssh:6.2:*:*:*:*:*:*:*
    • cpe:2.3:a:openbsd:openssh:6.3:*:*:*:*:*:*:*
    • cpe:2.3:a:openbsd:openssh:6.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_user_data_repository:10.0.1:*:*:*:*:*:*:*
  • OpenSSH/OpenSSHllm-fuzzy
    Range: <6.6

Patches

Vulnerability mechanics

References

23

News mentions

0

No linked articles in our index yet.